Navigate:

Rebirth of CISPA, but 'concerns haven't gone away'

Rep. Adam Schiff says the text is largely the same as the one last year. | Reuters

Michelle Richardson, legislative counsel for the ACLU, said the bill requires further narrowing. “It seems like, while tech people say as a practice [that] we’re mostly scanning for known signatures or IP addresses we know are bad, there’s no limitation to that in the bill. It immunizes much broader behavior, and that could include sharing Internet records, content of communications, identifying information like a name associated with an account. All of that’s wrapped up in there — it’s all theoretically cyberinformation.”

The Obama administration itself raised that very objection in a Statement of Administration Policy issued before a vote on CISPA last year. While sources believe the White House opposed the bill chiefly because it didn’t address critical infrastructure, the administration nonetheless indicted CISPA for the absence of “sufficient limitations” on how data might be collected and used.

Text Size

-

+

reset

Those opponents also felt civilian agencies should have led the way, not the Department of Defense or the National Security Agency, and they believed there needed to be stronger language on how long data could be retained. The White House-backed Senate bill, by contrast, satisfied the ACLU and its allies — and the president’s new executive order appears to track closely to that plan.

The White House, however, did not comment Thursday on whether it strictly opposes the rebirth of CISPA. Spokeswoman Caitlin Hayden said the administration does not issue official statements “until bills are ready for the floor, so as not to prejudge the legislative process.”

She continued: “Our belief continues to be that information-sharing improvements are essential to effective legislation, but they must include proper privacy and civil liberties protections, reinforce the appropriate roles of civilian and intelligence agencies, and include targeted liability protections.”

Even so, all of those criticisms still hang ominously over CISPA as its backers prepare to return to cybersecurity in 2013. Rogers and Ruppersberger suggested there may be a tiny bit of wiggle room in the debate, but both lawmakers also stressed Thursday they believe the measure in its current form strikes the right balance.

“We’re going to continue both working with the White House, working with privacy groups, working with others,” Rogers told POLITICO. “We want a bill that people are comfortable with, that people fully understand what it does, not what they think it does, and then move it.”

Ruppersberger added, in a separate interview, “Right now, we feel this is the bill,” though he pledged there would be more consultation going forward.

Asked about the many differences that remain between CISPA and its Washington opponents, he replied: “Our job is to educate.”